CBI warns states, UTs about phishing software that uses COVID-19 messages for infecting smartphones

The Central Bureaus of Investigation (CBI) has issued an alert relating to a banking Trojan known as Cerberus.

CBI warns states, UTs about phishing software that uses COVID-19 messages for infecting smartphones
Image for representational purpose only

NEW DELHI: The Central Bureau of Investigation (CBI) has issued an alert relating to a banking Trojan known as ''Cerberus'' that uses updates related to the coronavirus pandemic. Based on inputs received from the Interpol, the CBI has alerted the states, the Union Territories, and other central agencies about the malicious phishing software ''Cerberus'' that uses COVID-19 messages for infecting smartphones.

This malicious software takes advantage of the COVID-19 pandemic to impersonate and send SMS using the lure of COVID-19 related content to download the embedded malicious link, which deploys its malicious app usually spread via phishing campaigns to trick users into installing it on their smartphones.

This Trojan primarily focuses on stealing financial data such as credit card numbers, the officials said. 

In addition, it can use overlay attacks to trick victims into providing personal information and can capture two-factor authentication details.

"This malicious software takes advantage of COVID-19 pandemic to impersonate and send SMS using the lure of COVID-19 related content to download the embedded malicious link, which deploys its malicious app usually spread via phishing campaigns to trick users into installing it on their smartphones," it said. 

"This Trojan primarily focuses on stealing financial data such as credit card numbers. In addition, it can use overlay attacks to trick victims into providing personal information and can capture two-factor authentication details," the agency said in its warning.